If your business has a CCTV system in place, you need to prepare for the General Data Protection Regulation — commonly referred to as GDPR. Set to be introduced on the 25th of May 2018, considering what actions you must take is essential to ensuring your company does not face the tough consequences that have been set out.
You’re currently following the Data Protection Act (DPA), but once GDPR arrives, it will replace DPA and you will have to become GDPR compliant. Even though it is a piece of European Union legislation, it is likely that Britain will adopt this even after Brexit — meaning that your company should be prepared.
Avoiding the 4% turnover consequence
If you’re not complying with the GDPR legislation already, you must begin to prepare, as you can face a penalty fee of 4% of annual turnover, globally. Here are some of the key things you need to know:
- You need a strong and valid reason for the placement of CCTV around your perimeter.
- You can’t use CCTV to ‘watch over’ your employees.
- You must not place CCTV in places where employees expect privacy (i.e. canteens).
- You must notify surrounding people that they are being recorded.
- You shouldn’t keep data for over 30 days — under different circumstances, this can
- You have a duty to protect the data that you collect.
How to avoid GDPR prosecution
It’s important that you comply with the guidelines set out by this legislation to avoid any type of penalties from the European Union. We’ve partnered with 2020 Vision, cloud CCTV storage experts, to find out its take on business protection:
- A reason for CCTV could be to help protect your employees when it comes to health and safety and capture any incidents that could potentially occur — such as a robbery.
- Compile an operational requirement, which should support your decision for CCTV placement.
- Highlight a security risk which could be minimised through CCTV — whether this is being placed in canteens or smoking areas. An operational requirement can be made in this instance, too.
- Notify the public that you are recording them for CCTV and security purposes by putting up signs that signal this — include a contact number too, so anyone can contact if they have any issues.
- Dispose of your data after 30 days of retainment — it can be kept for longer if the local authorities have a written request and they must view it on your premises.
- Avoid data breaches by drafting up a contract with your security supplier (who will become your data processor under GDPR legislation) and highlight what they can and can’t do with any footage that they obtain from your surveillance.
It won’t be long until GDPR is set in stone. Contact 2020 Vision now and ensure that your business is compliant with this harsh piece of legislation. Make sure that you’re covered at all costs by clicking here and avoid tremendous penalties for non-compliers.